Date: prev next · Thread: first prev next last
2020 Archives by date, by thread · List index


On Sat, 04 Jan 2020 at 15:10:42 +0100, William Gathoye (LibreOffice) wrote:
Content Security Policy: The page’s settings blocked the loading of a
resource at
http://fr.blog.documentfoundation.org/wp-json/jetpack/v4/rewind?_cacheBuster=1578146864121
(“connect-src”).

What's the concrete impact of blocking that resource?  There are other
external resources being blocked on the admin panel, but AFAICT this is
just cosmetic, and these errors don't show up for anonymous visitors (ie
the overwhelming majority of users).  I'm not too keen to further weaken
the CSP if that's just cosmetic; would rather use the errors as a
reminder to harden it.

-- 
Guilhem.

-- 
To unsubscribe e-mail to: website+unsubscribe@global.libreoffice.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
Privacy Policy: https://www.documentfoundation.org/privacy

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.